James R. Mirick sets the record straight on things he cares about

Estonia and the Spanish Civil War

It may seem like a bit of a stretch to go back 70 years and see a parallel to an event of today, but the old saying “he who does not learn from history is doomed to repeat it” still holds true. The Spanish Civil War that started in 1936 turned out to be, in hindsight, a warmup match for the Second World War, with the major combatants trying out their new equipment and tactics in some real fighting. The Germans debuted the Bf-109 and the Ju-52, which were later used with such devastating effectiveness against the rest of Europe a few years later. And both sides in the war made the concept of “total war” into reality, as they attacked non-engaged civilians, undefended cities, and priests in a repudiation of the age-old army-against-army approach to battle.

OK, so here’s the parallel. Starting on April 27th the little Baltic republic of Estonia became target of a massive Internet-based distributed denial-of-service attack that targeted government offices, then banks, Internet companies, political parties, news organizations, and other commercial targets. The attacks continued into late May, arriving in waves of increasing heights, often successfully swamping the targeted sites.

What apparently triggered this business was the Estonian government’s decision to move a memorial to Soviet soldiers who fought the Nazis to a less prominent placement in the capital city of Tallinn. Estonia has a large Russian minority who saw this as an affront, while the ethnic Estonians see the monument as a reminder of 50 years of brutal Soviet occupation of their country.

According to Estonian sources inside and outside the government, the initial attack IPs were from Russian servers, and instructions on conducting a DDOS attack against Estonia were posted on several Russian sites. Later the attack was broadened to include over a million machines, obviously recruited from captive botnets. All this is serious business for Estonia, which although it is a pretty small country, is second to nobody in the technology department including being the hub of Skype.

So why should we care? Because the Internet is going to be a major front in conflicts of the future, far more so that now. Amazingly enough even to a technologist like me, in the last 10 years our economy and indeed even our society is becoming highly dependent on the Internet as a transport vehicle for all kinds of services, including (very unfortunately) VOIP telephone service. Now here we have an example of an initial deployment of such weapons against a political entity. Well, better than launching a missile, I guess, but are we as a country ready to respond successfully? Very much unclear at this point. Given the Bush administration’s response to things like Katrina, and their propensity of looting government programs, I’m not confident.

The Estonians have contacted NATO, of which they are a member, but the status of a cyber-attack as a hostile action (in NATO’s terms) is unclear. And, more seriously, although this is clearly triggered by a political issue with a government (Russia), it seems unclear that the Russians are directly involved in it, except for perhaps encouraging it. Nationalist groups within Russia could certainly have carried this out easily by themselves — the cost of recruiting a botnet of even a million computers is measured in the low tens of thousands of dollars.

A senior NATO official stated, “This clearly bore the hallmarks of something concerted. The Estonians are not alone with this problem. It really is a serious issue for the alliance as a whole.”